(Illustration by Gaich Muramatsu)
(Illustration by Gaich Muramatsu)
There are several steps in adding a new user to the Coda file system. First, create a Unix account for the new user on some or all of the Coda clients. Second, add the user to the Coda authentication database and the protection database (described below). Third, create a volume for the user and mount it at the appropriate place in the Coda name space (See Section XXX ).
Add a line for each new user to the
user.coda
file
using the userId from the new users Unix account. @Foot(If you are
at Carnegie Mellon and the user you intend to add does not have a
CMU-CS account, STOP! The user
must
get a CMU-CS account
before you may continue. To determine the UID,
grep
for the
login name in
/etc/passwds
.) You may copy the user's
entry in
/etc/passwds
to the user.coda file for this
purpose if you wish. Note that only the login name (the first
field) and the uid (the third field) are relevant and that you may
delete the other fields as long as you leave all the "
:
"
characters intact.
Now, add the users name to the appropriate group in the file
groups.coda
. Note that Coda groups are totally
separate from Unix groups. Adding a user to group
System:Administrators
is about the equivalent of giving that
user root privileges. Only System Administrators should be in this
group. As an example, we add all Coda developers (hard and soft
core) to the
system:coda
group. Add other Coda users to
groups as appropriate.
Execute
% pwd2pdb -u /vice/db/user.coda -g
/vice/db/group.coda
>
/vice/db/vice.pdb
to generate a Coda protection database.
Finally, execute
pcfgen /vice/db/vice.pdb
to
generate the file
vice.pcf
.
Now that you have generated the new protection database files, you must install these files. Follow these steps:
cd /vice/db
/vice/bin/mvdb
<
srcdir
>
vice.pdb vice.pcf
)
where
<
srcdir
>
is the name of the directory containing the
new vice.pdb and vice.pcf.
User accounts are added to the authentication database with the
au
program, which can also delete and modify user accounts,
change passwords, and get tokens. To add a user, run
au -h
<
SCM
>
nu
on a Coda client workstation, giving the
System Control Machine's name in
<
SCM
>
.
In response to the prompts, provide your Coda userId and password and then the new users name and temporary password. (Give the new users full name to the "Other info" prompt.) You must be a member of the system:administrators group in order to successfully modify the authentication database. The following example illustrates adding the user "guest" to the authentication database. Note that the new password will echo to the screen.
au -h your-scm.host nu Your Vice name: raiff Your password: RPC2_Bind () -- > RPC2_SUCCESS Vice user: guest New password: guestpwd New info: Guest User
Updates made via au will be automatically distributed to the other servers by the Update daemon. Now, the auth server knows about the new users. New users may change their temporary passwords using the cpasswd command.
The file
/vice/auth2/AuthLog
has a log of the auth
server activity and can be used to monitor failed login attempts.
You can also monitor password changes in the file
/vice/db/auth2.pw
.